tinyproxy: import from packages, add myself as maintainer

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

net/tinyproxy/Makefile

@@ -0,0 +1,51 @@
+#
+# Copyright (C) 2006-2014 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=tinyproxy
+PKG_VERSION:=1.8.3
+PKG_RELEASE:=1
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
+PKG_SOURCE_URL:=http://www.banu.com/pub/tinyproxy/1.8/
+PKG_MD5SUM:=292ac51da8ad6ae883d4ebf56908400d
+PKG_MAINTAINER:=Jo-Philipp Wich <jow@openwrt.org>
+
+PKG_INSTALL:=1
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/tinyproxy
+  SUBMENU:=Web Servers/Proxies
+  SECTION:=net
+  CATEGORY:=Network
+  TITLE:=Tinyproxy is a lightweight HTTP and HTTPS proxy
+  URL:=http://tinyproxy.sourceforge.net/
+endef
+
+define Package/tinyproxy/conffiles
+/etc/config/tinyproxy
+endef
+
+CONFIGURE_ARGS+= \
+	--enable-filter \
+	--enable-transparent \
+	--disable-regexcheck \
+
+define Package/tinyproxy/install
+	$(INSTALL_DIR) $(1)/usr/sbin
+	$(CP) $(PKG_INSTALL_DIR)/usr/sbin/tinyproxy $(1)/usr/sbin/
+	$(INSTALL_DIR) $(1)/usr/share/tinyproxy
+	$(CP) $(PKG_INSTALL_DIR)/usr/share/tinyproxy/*.html $(1)/usr/share/tinyproxy/
+	$(INSTALL_DIR) $(1)/etc/config
+	$(INSTALL_CONF) ./files/tinyproxy.config $(1)/etc/config/tinyproxy
+	$(INSTALL_DIR) $(1)/etc/init.d
+	$(INSTALL_BIN) ./files/tinyproxy.init $(1)/etc/init.d/tinyproxy
+endef
+
+$(eval $(call BuildPackage,tinyproxy))

net/tinyproxy/files/tinyproxy.config

@@ -0,0 +1,251 @@
+config tinyproxy
+
+#
+# Enable the proxy
+#
+option enabled 0
+
+#
+# Name of the user the tinyproxy daemon should switch to after the port
+# has been bound.
+#
+option User nobody
+option Group nogroup
+
+#
+# Port to listen on.
+#
+option Port 8888
+
+#
+# If you have multiple interfaces this allows you to bind to only one. If
+# this is commented out, tinyproxy will bind to all interfaces present.
+#
+#option Listen 192.168.0.1
+
+#
+# The Bind directive allows you to bind the outgoing connections to a
+# particular IP address.
+#
+#option Bind 192.168.0.1
+
+#
+# Timeout: The number of seconds of inactivity a connection is allowed to
+# have before it closed by tinyproxy.
+#
+option Timeout 600
+
+#
+# ErrorFile: Defines the HTML file to send when a given HTTP error
+# occurs.  You will probably need to customize the location to your
+# particular install.  The usual locations to check are:
+#   /usr/local/share/tinyproxy
+#   /usr/share/tinyproxy
+#   /etc/tinyproxy
+#
+#option ErrorFile_404 "/usr/share/tinyproxy/404.html"
+#option ErrorFile_400 "/usr/share/tinyproxy/400.html"
+#option ErrorFile_503 "/usr/share/tinyproxy/503.html"
+#option ErrorFile_403 "/usr/share/tinyproxy/403.html"
+#option ErrorFile_408 "/usr/share/tinyproxy/408.html"
+
+# 
+# DefaultErrorFile: The HTML file that gets sent if there is no
+# HTML file defined with an ErrorFile keyword for the HTTP error
+# that has occured.
+#
+option DefaultErrorFile "/usr/share/tinyproxy/default.html"
+
+#
+# StatFile: The HTML file that gets sent when a request is made
+# for the stathost.  If this file doesn't exist a basic page is
+# hardcoded in tinyproxy.
+#
+option StatFile "/usr/share/tinyproxy/stats.html"
+
+#
+# Where to log the information. Either LogFile or Syslog should be set,
+# but not both.
+#
+option LogFile "/var/log/tinyproxy.log"
+#option Syslog 1
+
+#
+# Set the logging level. Allowed settings are:
+#	Critical	(least verbose)
+#	Error
+#	Warning
+#	Notice
+#	Connect		(to log connections without Info's noise)
+#	Info		(most verbose)
+# The LogLevel logs from the set level and above. For example, if the LogLevel
+# was set to Warning, than all log messages from Warning to Critical would be
+# output, but Notice and below would be suppressed.
+#
+option LogLevel Info
+
+#
+# Include the X-Tinyproxy header, which has the client's IP address when
+# connecting to the sites listed.
+#
+# list XTinyproxy mydomain.com
+
+#
+# This is the absolute highest number of threads which will be created. In
+# other words, only MaxClients number of clients can be connected at the
+# same time.
+#
+option MaxClients 100
+
+#
+# These settings set the upper and lower limit for the number of
+# spare servers which should be available. If the number of spare servers
+# falls below MinSpareServers then new ones will be created. If the number
+# of servers exceeds MaxSpareServers then the extras will be killed off.
+#
+option MinSpareServers 5
+option MaxSpareServers 20
+
+#
+# Number of servers to start initially.
+#
+option StartServers 10
+
+#
+# MaxRequestsPerChild is the number of connections a thread will handle
+# before it is killed. In practise this should be set to 0, which disables
+# thread reaping. If you do notice problems with memory leakage, then set
+# this to something like 10000
+#
+option MaxRequestsPerChild 0
+
+#
+# The following is the authorization controls. If there are any access
+# control keywords then the default action is to DENY. Otherwise, the
+# default action is ALLOW.
+#
+# Also the order of the controls are important. The incoming connections
+# are tested against the controls based on order.
+#
+list Allow 127.0.0.1
+#list Allow 192.168.0.0/16
+#list Allow 172.16.0.0/12
+#list Allow 10.0.0.0/8
+
+#
+# The "Via" header is required by the HTTP RFC, but using the real host name
+# is a security concern.  If the following directive is enabled, the string
+# supplied will be used as the host name in the Via header; otherwise, the
+# server's host name will be used.
+#
+option ViaProxyName "tinyproxy"
+
+#
+# The location of the filter file.
+#
+#option Filter "/etc/tinyproxy/filter"
+
+#
+# Filter based on URLs rather than domains.
+#
+#option FilterURLs 1
+
+#
+# Use POSIX Extended regular expressions rather than basic.
+#
+#option FilterExtended 1
+
+#
+# Use case sensitive regular expressions.
+#                                                                         
+#option FilterCaseSensitive 1
+
+#
+# Change the default policy of the filtering system.  If this directive is
+# commented out, or is set to "0" then the default policy is to allow
+# everything which is not specifically denied by the filter file.
+#
+# However, by setting this directive to "1" the default policy becomes to
+# deny everything which is _not_ specifically allowed by the filter file.
+#
+#option FilterDefaultDeny 1
+
+#
+# If an Anonymous keyword is present, then anonymous proxying is enabled.
+# The headers listed are allowed through, while all others are denied. If
+# no Anonymous keyword is present, then all header are allowed through.
+# You must include quotes around the headers.
+#
+#list Anonymous "Host"
+#list Anonymous "Authorization"
+
+#
+# This is a list of ports allowed by tinyproxy when the CONNECT method
+# is used.  To disable the CONNECT method altogether, set the value to 0.
+# If no ConnectPort line is found, all ports are allowed (which is not
+# very secure.)
+#
+# The following two ports are used by SSL.
+#
+list ConnectPort 443
+list ConnectPort 563
+
+#
+# Turns on upstream proxy support.
+#
+# The upstream rules allow you to selectively route upstream connections
+# based on the host/domain of the site being accessed.
+#
+# For example:
+#  # connection to test domain goes through testproxy
+#
+#config upstream
+#	option type proxy
+#	option via testproxy:8008
+#	option target ".test.domain.invalid"
+#
+#config upstream
+#	option type proxy
+#	option via testproxy:8008
+#	option target ".our_testbed.example.com"
+#
+#config upstream
+#	option type proxy
+#	option via testproxy:8008
+#	option target "192.168.128.0/255.255.254.0"
+#
+#  # no upstream proxy for internal websites and unqualified hosts
+#
+#config upstream
+#	option type reject
+#	option target ".internal.example.com"
+#
+#config upstream
+#	option type reject
+#	option target "www.example.com"
+#
+#config upstream
+#	option type reject
+#	option target "10.0.0.0/8"
+#
+#config upstream
+#	option type reject
+#	option target "192.168.0.0/255.255.254.0"
+#
+#config upstream
+#	option type reject
+#	option target "."
+#
+#  # default upstream is internet firewall
+#
+#config upstream
+#	option type proxy
+#	option via firewall.internal.example.com:80
+#
+# The LAST matching rule wins the route decision.  As you can see, you
+# can use a host, or a domain:
+#  name     matches host exactly
+#  .name    matches any host in domain "name"
+#  .        matches any host with no domain (in 'empty' domain)
+#  IP/bits  matches network/mask
+#  IP/mask  matches network/mask

net/tinyproxy/files/tinyproxy.init

@@ -0,0 +1,138 @@
+#!/bin/sh /etc/rc.common
+# Copyright (C) 2008-2011 OpenWrt.org
+
+START=50
+
+CFGFILE=/var/etc/tinyproxy.conf
+
+section_enabled() {
+	config_get_bool enabled "$1" 'enabled' 0
+	[ $enabled -gt 0 ]
+}
+
+start() {
+	config_load 'tinyproxy'
+	config_foreach start_proxy 'tinyproxy'
+}
+
+stop() {
+	service_stop /usr/sbin/tinyproxy
+}
+
+start_proxy() {
+	section_enabled "$1" || return 1
+
+	mkdir -m0755 -p /var/etc
+	echo '### AUTOGENERATED CONFIGURATION' > $CFGFILE
+	echo '### DO NOT EDIT' >> $CFGFILE
+	echo '### SEE /etc/config/tinyproxy INSTEAD' >> $CFGFILE
+	echo '' >> $CFGFILE
+
+	proxy_atom "$1" User >> $CFGFILE
+	proxy_atom "$1" Group >> $CFGFILE
+	proxy_atom "$1" Port 8888 >> $CFGFILE
+	proxy_atom "$1" Listen >> $CFGFILE
+	proxy_atom "$1" Bind >> $CFGFILE
+	proxy_atom "$1" Timeout >> $CFGFILE
+
+	proxy_string "$1" ErrorFile_400 "ErrorFile 400" >> $CFGFILE
+	proxy_string "$1" ErrorFile_403 "ErrorFile 403" >> $CFGFILE
+	proxy_string "$1" ErrorFile_404 "ErrorFile 404" >> $CFGFILE
+	proxy_string "$1" ErrorFile_408 "ErrorFile 408" >> $CFGFILE
+	proxy_string "$1" ErrorFile_503 "ErrorFile 503" >> $CFGFILE
+
+	proxy_string "$1" DefaultErrorFile >> $CFGFILE
+	proxy_string "$1" StatHost StatHost 127.0.0.1 >> $CFGFILE
+	proxy_string "$1" StatFile >> $CFGFILE
+	proxy_string "$1" LogFile >> $CFGFILE
+
+	proxy_flag "$1" SysLog >> $CFGFILE
+
+	proxy_atom "$1" LogLevel >> $CFGFILE
+
+	proxy_list "$1" XTinyproxy >> $CFGFILE
+
+	proxy_atom "$1" MaxClients >> $CFGFILE
+	proxy_atom "$1" MinSpareServers >> $CFGFILE
+	proxy_atom "$1" MaxSpareServers >> $CFGFILE
+	proxy_atom "$1" StartServers >> $CFGFILE
+	proxy_atom "$1" MaxRequestsPerChild >> $CFGFILE
+	proxy_list "$1" Allow >> $CFGFILE
+
+	proxy_string "$1" ViaProxyName >> $CFGFILE
+	proxy_string "$1" Filter >> $CFGFILE
+
+	proxy_flag "$1" FilterURLs >> $CFGFILE
+	proxy_flag "$1" FilterExtended >> $CFGFILE
+	proxy_flag "$1" FilterCaseSensitive >> $CFGFILE
+	proxy_flag "$1" FilterDefaultDeny Yes No >> $CFGFILE
+
+	proxy_list "$1" Anonymous '"' >> $CFGFILE
+	proxy_list "$1" ConnectPort >> $CFGFILE
+
+	config_foreach write_upstream upstream
+
+	service_start /usr/sbin/tinyproxy -c "$CFGFILE"
+}
+
+write_upstream() {
+	local type
+	local via
+	local target
+
+	config_get "type" "$1" "type"
+	config_get via "$1" via
+	config_get target "$1" target
+	[ -n "$target" ] && target=' "'"$target"'"'
+
+	[ "$type" == "proxy" -a -n "$via" ] && \
+		echo "upstream $via$target" >> $CFGFILE
+
+	[ "$type" == "reject" -a -n "$target" ] && \
+		echo "no upstream$target" >> $CFGFILE
+}
+
+proxy_atom() {
+	local SECTION=$1
+	local OPTION=$2
+	local DEFAULT=$3
+
+	config_get _value "$SECTION" "$OPTION"
+	[ -z "$_value" ] && _value="$DEFAULT"
+	[ -n "$_value" ] && echo "$OPTION $_value"
+}
+
+proxy_string() {
+	local SECTION=$1
+	local OPTION=$2
+	local ALIAS=$3
+	local DEFAULT=$4
+
+	config_get _value "$SECTION" "$OPTION"
+	[ -z "$_value" ] && _value="$DEFAULT"
+	[ -n "$_value" ] && echo "${ALIAS:-${OPTION}} "'"'"$_value"'"'
+}
+
+proxy_flag() {
+	local SECTION=$1
+	local OPTION=$2
+	local TRUE="${3:-On}"
+	local FALSE="${4:-Off}"
+
+	config_get_bool _value "$SECTION" "$OPTION" 0
+	[ "$_value" -eq "1" ] && _value="$TRUE" || _value="$FALSE"
+	echo "$OPTION $_value"
+}
+
+proxy_list() {
+	local SECTION=$1
+	local OPTION=$2
+	local ENCLOSE=$3
+
+	config_get _value "$SECTION" "$OPTION"
+	[ -n "$_value" ] && {
+		for entry in $_value; do
+			echo "$OPTION ${ENCLOSE}${entry}${ENCLOSE}"
+		done
+	}
+}

net/tinyproxy/patches/010-no-docs-and-tests.patch

@@ -0,0 +1,86 @@
+--- a/configure
++++ b/configure
+@@ -6815,59 +6815,8 @@ fi
+ 
+ 
+ 
+-# Check for asciidoc
+-# Extract the first word of "a2x", so it can be a program name with args.
+-set dummy a2x; ac_word=$2
+-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+-$as_echo_n "checking for $ac_word... " >&6; }
+-if test "${ac_cv_path_A2X+set}" = set; then :
+-  $as_echo_n "(cached) " >&6
+-else
+-  case $A2X in
+-  [\\/]* | ?:[\\/]*)
+-  ac_cv_path_A2X="$A2X" # Let the user override the test with a path.
+-  ;;
+-  *)
+-  as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+-for as_dir in $PATH
+-do
+-  IFS=$as_save_IFS
+-  test -z "$as_dir" && as_dir=.
+-    for ac_exec_ext in '' $ac_executable_extensions; do
+-  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+-    ac_cv_path_A2X="$as_dir/$ac_word$ac_exec_ext"
+-    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+-    break 2
+-  fi
+-done
+-  done
+-IFS=$as_save_IFS
+-
+-  test -z "$ac_cv_path_A2X" && ac_cv_path_A2X="no"
+-  ;;
+-esac
+-fi
+-A2X=$ac_cv_path_A2X
+-if test -n "$A2X"; then
+-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $A2X" >&5
+-$as_echo "$A2X" >&6; }
+-else
+-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+-$as_echo "no" >&6; }
+-fi
+-
+-
+- if test "x$A2X" != "xno"; then
+-  HAVE_A2X_TRUE=
+-  HAVE_A2X_FALSE='#'
+-else
+   HAVE_A2X_TRUE='#'
+   HAVE_A2X_FALSE=
+-fi
+-
+-if test x"$A2X" = x"no"; then
+-  as_fn_error $? "Test for asciidoc failed. See the file 'INSTALL' for help." "$LINENO" 5
+-fi
+ 
+ ac_config_files="$ac_config_files Makefile src/Makefile data/Makefile data/templates/Makefile etc/Makefile docs/Makefile docs/man5/Makefile docs/man5/tinyproxy.conf.txt docs/man8/Makefile docs/man8/tinyproxy.txt m4macros/Makefile tests/Makefile tests/scripts/Makefile"
+ 
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -2,9 +2,7 @@ SUBDIRS = \
+ 	src \
+ 	data \
+ 	etc \
+-	docs \
+ 	m4macros \
+-	tests
+ 
+ # tools want this on a single line
+ ACLOCAL_AMFLAGS = -I m4macros
+--- a/Makefile.in
++++ b/Makefile.in
+@@ -222,9 +222,7 @@ SUBDIRS = \
+ 	src \
+ 	data \
+ 	etc \
+-	docs \
+ 	m4macros \
+-	tests
+ 
+ 
+ # tools want this on a single line

net/tinyproxy/patches/020-config_and_pid-path.patch

@@ -0,0 +1,13 @@
+--- a/src/main.c
++++ b/src/main.c
+@@ -326,8 +326,8 @@ static void initialize_config_defaults (
+         conf->errorpages = NULL;
+         conf->stathost = safestrdup (TINYPROXY_STATHOST);
+         conf->idletimeout = MAX_IDLE_TIME;
+-        conf->logf_name = safestrdup (LOCALSTATEDIR "/log/tinyproxy/tinyproxy.log");
+-        conf->pidpath = safestrdup (LOCALSTATEDIR "/run/tinyproxy/tinyproxy.pid");
++        conf->logf_name = safestrdup (LOCALSTATEDIR "/log/tinyproxy.log");
++        conf->pidpath = safestrdup (LOCALSTATEDIR "/tinyproxy.pid");
+ }
+ 
+ /**

net/tinyproxy/patches/030-allow_bind_in_transparent_mode.patch

@@ -0,0 +1,22 @@
+--- a/src/conf.c
++++ b/src/conf.c
+@@ -865,7 +865,6 @@ static HANDLE_FUNC (handle_deny)
+ 
+ static HANDLE_FUNC (handle_bind)
+ {
+-#ifndef TRANSPARENT_PROXY
+         int r = set_string_arg (&conf->bind_address, line, &match[2]);
+ 
+         if (r)
+@@ -873,11 +872,6 @@ static HANDLE_FUNC (handle_bind)
+         log_message (LOG_INFO,
+                      "Outgoing connections bound to IP %s", conf->bind_address);
+         return 0;
+-#else
+-        fprintf (stderr,
+-                 "\"Bind\" cannot be used with transparent support enabled.\n");
+-        return 1;
+-#endif
+ }
+ 
+ static HANDLE_FUNC (handle_listen)

net/tinyproxy/patches/120-fix_INET6.patch

@@ -0,0 +1,38 @@
+--- a/src/sock.c
++++ b/src/sock.c
+@@ -39,8 +39,7 @@
+  * returned if the bind succeeded.  Otherwise, -1 is returned
+  * to indicate an error.
+  */
+-static int
+-bind_socket (int sockfd, const char *addr, int family)
++static int bind_socket (int sockfd, const char *addr)
+ {
+         struct addrinfo hints, *res, *ressave;
+ 
+@@ -48,7 +47,7 @@ bind_socket (int sockfd, const char *add
+         assert (addr != NULL && strlen (addr) != 0);
+ 
+         memset (&hints, 0, sizeof (struct addrinfo));
+-        hints.ai_family = family;
++        hints.ai_family = AF_UNSPEC;
+         hints.ai_socktype = SOCK_STREAM;
+ 
+         /* The local port it not important */
+@@ -106,14 +105,12 @@ int opensock (const char *host, int port
+ 
+                 /* Bind to the specified address */
+                 if (bind_to) {
+-                        if (bind_socket (sockfd, bind_to,
+-                                         res->ai_family) < 0) {
++                        if (bind_socket (sockfd, bind_to) < 0) {
+                                 close (sockfd);
+                                 continue;       /* can't bind, so try again */
+                         }
+                 } else if (config.bind_address) {
+-                        if (bind_socket (sockfd, config.bind_address,
+-                                         res->ai_family) < 0) {
++                        if (bind_socket (sockfd, config.bind_address) < 0) {
+                                 close (sockfd);
+                                 continue;       /* can't bind, so try again */
+                         }